mirror of
https://github.com/dolphin-emu/dolphin.git
synced 2025-07-22 22:00:39 -06:00
Externals: Update mbedtls to 2.28.0
This commit is contained in:
73
Externals/mbedtls/library/ecjpake.c
vendored
73
Externals/mbedtls/library/ecjpake.c
vendored
@ -1,7 +1,7 @@
|
||||
/*
|
||||
* Elliptic curve J-PAKE
|
||||
*
|
||||
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
|
||||
* Copyright The Mbed TLS Contributors
|
||||
* SPDX-License-Identifier: Apache-2.0
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
@ -15,8 +15,6 @@
|
||||
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the License for the specific language governing permissions and
|
||||
* limitations under the License.
|
||||
*
|
||||
* This file is part of mbed TLS (https://tls.mbed.org)
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -24,16 +22,13 @@
|
||||
* available to members of the Thread Group http://threadgroup.org/
|
||||
*/
|
||||
|
||||
#if !defined(MBEDTLS_CONFIG_FILE)
|
||||
#include "mbedtls/config.h"
|
||||
#else
|
||||
#include MBEDTLS_CONFIG_FILE
|
||||
#endif
|
||||
#include "common.h"
|
||||
|
||||
#if defined(MBEDTLS_ECJPAKE_C)
|
||||
|
||||
#include "mbedtls/ecjpake.h"
|
||||
#include "mbedtls/platform_util.h"
|
||||
#include "mbedtls/error.h"
|
||||
|
||||
#include <string.h>
|
||||
|
||||
@ -110,7 +105,7 @@ int mbedtls_ecjpake_setup( mbedtls_ecjpake_context *ctx,
|
||||
const unsigned char *secret,
|
||||
size_t len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
ECJPAKE_VALIDATE_RET( ctx != NULL );
|
||||
ECJPAKE_VALIDATE_RET( role == MBEDTLS_ECJPAKE_CLIENT ||
|
||||
@ -159,7 +154,7 @@ static int ecjpake_write_len_point( unsigned char **p,
|
||||
const int pf,
|
||||
const mbedtls_ecp_point *P )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len;
|
||||
|
||||
/* Need at least 4 for length plus 1 for point */
|
||||
@ -171,10 +166,7 @@ static int ecjpake_write_len_point( unsigned char **p,
|
||||
if( ret != 0 )
|
||||
return( ret );
|
||||
|
||||
(*p)[0] = (unsigned char)( ( len >> 24 ) & 0xFF );
|
||||
(*p)[1] = (unsigned char)( ( len >> 16 ) & 0xFF );
|
||||
(*p)[2] = (unsigned char)( ( len >> 8 ) & 0xFF );
|
||||
(*p)[3] = (unsigned char)( ( len ) & 0xFF );
|
||||
MBEDTLS_PUT_UINT32_BE( len, *p, 0 );
|
||||
|
||||
*p += 4 + len;
|
||||
|
||||
@ -199,7 +191,7 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info,
|
||||
const char *id,
|
||||
mbedtls_mpi *h )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char buf[ECJPAKE_HASH_BUF_LEN];
|
||||
unsigned char *p = buf;
|
||||
const unsigned char *end = buf + sizeof( buf );
|
||||
@ -214,10 +206,8 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info,
|
||||
if( end - p < 4 )
|
||||
return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
|
||||
|
||||
*p++ = (unsigned char)( ( id_len >> 24 ) & 0xFF );
|
||||
*p++ = (unsigned char)( ( id_len >> 16 ) & 0xFF );
|
||||
*p++ = (unsigned char)( ( id_len >> 8 ) & 0xFF );
|
||||
*p++ = (unsigned char)( ( id_len ) & 0xFF );
|
||||
MBEDTLS_PUT_UINT32_BE( id_len, p, 0 );
|
||||
p += 4;
|
||||
|
||||
if( end < p || (size_t)( end - p ) < id_len )
|
||||
return( MBEDTLS_ERR_ECP_BUFFER_TOO_SMALL );
|
||||
@ -226,7 +216,7 @@ static int ecjpake_hash( const mbedtls_md_info_t *md_info,
|
||||
p += id_len;
|
||||
|
||||
/* Compute hash */
|
||||
mbedtls_md( md_info, buf, p - buf, hash );
|
||||
MBEDTLS_MPI_CHK( mbedtls_md( md_info, buf, p - buf, hash ) );
|
||||
|
||||
/* Turn it into an integer mod n */
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( h, hash,
|
||||
@ -249,7 +239,7 @@ static int ecjpake_zkp_read( const mbedtls_md_info_t *md_info,
|
||||
const unsigned char **p,
|
||||
const unsigned char *end )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_ecp_point V, VV;
|
||||
mbedtls_mpi r, h;
|
||||
size_t r_len;
|
||||
@ -278,7 +268,7 @@ static int ecjpake_zkp_read( const mbedtls_md_info_t *md_info,
|
||||
|
||||
r_len = *(*p)++;
|
||||
|
||||
if( end < *p || (size_t)( end - *p ) < r_len )
|
||||
if( end < *p || (size_t)( end - *p ) < r_len || r_len == 0 )
|
||||
{
|
||||
ret = MBEDTLS_ERR_ECP_BAD_INPUT_DATA;
|
||||
goto cleanup;
|
||||
@ -324,7 +314,7 @@ static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_ecp_point V;
|
||||
mbedtls_mpi v;
|
||||
mbedtls_mpi h; /* later recycled to hold r */
|
||||
@ -357,7 +347,7 @@ static int ecjpake_zkp_write( const mbedtls_md_info_t *md_info,
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
*(*p)++ = (unsigned char)( len & 0xFF );
|
||||
*(*p)++ = MBEDTLS_BYTE_0( len );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_write_binary( &h, *p, len ) ); /* r */
|
||||
*p += len;
|
||||
|
||||
@ -382,7 +372,7 @@ static int ecjpake_kkp_read( const mbedtls_md_info_t *md_info,
|
||||
const unsigned char **p,
|
||||
const unsigned char *end )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
if( end < *p )
|
||||
return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
|
||||
@ -422,7 +412,7 @@ static int ecjpake_kkp_write( const mbedtls_md_info_t *md_info,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
size_t len;
|
||||
|
||||
if( end < *p )
|
||||
@ -457,7 +447,7 @@ static int ecjpake_kkpp_read( const mbedtls_md_info_t *md_info,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const unsigned char *p = buf;
|
||||
const unsigned char *end = buf + len;
|
||||
|
||||
@ -495,7 +485,7 @@ static int ecjpake_kkpp_write( const mbedtls_md_info_t *md_info,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
unsigned char *p = buf;
|
||||
const unsigned char *end = buf + len;
|
||||
|
||||
@ -553,7 +543,7 @@ static int ecjpake_ecp_add3( mbedtls_ecp_group *grp, mbedtls_ecp_point *R,
|
||||
const mbedtls_ecp_point *B,
|
||||
const mbedtls_ecp_point *C )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_mpi one;
|
||||
|
||||
mbedtls_mpi_init( &one );
|
||||
@ -575,7 +565,7 @@ int mbedtls_ecjpake_read_round_two( mbedtls_ecjpake_context *ctx,
|
||||
const unsigned char *buf,
|
||||
size_t len )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
const unsigned char *p = buf;
|
||||
const unsigned char *end = buf + len;
|
||||
mbedtls_ecp_group grp;
|
||||
@ -639,7 +629,7 @@ static int ecjpake_mul_secret( mbedtls_mpi *R, int sign,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_mpi b; /* Blinding value, then s + N * blinding */
|
||||
|
||||
mbedtls_mpi_init( &b );
|
||||
@ -668,7 +658,7 @@ int mbedtls_ecjpake_write_round_two( mbedtls_ecjpake_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_ecp_point G; /* C: GA, S: GB */
|
||||
mbedtls_ecp_point Xm; /* C: Xc, S: Xs */
|
||||
mbedtls_mpi xm; /* C: xc, S: xs */
|
||||
@ -750,7 +740,7 @@ int mbedtls_ecjpake_derive_secret( mbedtls_ecjpake_context *ctx,
|
||||
int (*f_rng)(void *, unsigned char *, size_t),
|
||||
void *p_rng )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_ecp_point K;
|
||||
mbedtls_mpi m_xm2_s, one;
|
||||
unsigned char kx[MBEDTLS_ECP_MAX_BYTES];
|
||||
@ -825,6 +815,8 @@ static const unsigned char ecjpake_test_password[] = {
|
||||
0x65, 0x73, 0x74
|
||||
};
|
||||
|
||||
#if !defined(MBEDTLS_ECJPAKE_ALT)
|
||||
|
||||
static const unsigned char ecjpake_test_x1[] = {
|
||||
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c,
|
||||
0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18,
|
||||
@ -951,12 +943,12 @@ static const unsigned char ecjpake_test_pms[] = {
|
||||
0xb4, 0x38, 0xf7, 0x19, 0xd3, 0xc4, 0xf3, 0x51
|
||||
};
|
||||
|
||||
/* Load my private keys and generate the correponding public keys */
|
||||
/* Load my private keys and generate the corresponding public keys */
|
||||
static int ecjpake_test_load( mbedtls_ecjpake_context *ctx,
|
||||
const unsigned char *xm1, size_t len1,
|
||||
const unsigned char *xm2, size_t len2 )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm1, xm1, len1 ) );
|
||||
MBEDTLS_MPI_CHK( mbedtls_mpi_read_binary( &ctx->xm2, xm2, len2 ) );
|
||||
@ -969,6 +961,8 @@ cleanup:
|
||||
return( ret );
|
||||
}
|
||||
|
||||
#endif /* ! MBEDTLS_ECJPAKE_ALT */
|
||||
|
||||
/* For tests we don't need a secure RNG;
|
||||
* use the LGC from Numerical Recipes for simplicity */
|
||||
static int ecjpake_lgc( void *p, unsigned char *out, size_t len )
|
||||
@ -1004,7 +998,7 @@ static int ecjpake_lgc( void *p, unsigned char *out, size_t len )
|
||||
*/
|
||||
int mbedtls_ecjpake_self_test( int verbose )
|
||||
{
|
||||
int ret;
|
||||
int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED;
|
||||
mbedtls_ecjpake_context cli;
|
||||
mbedtls_ecjpake_context srv;
|
||||
unsigned char buf[512], pms[32];
|
||||
@ -1064,6 +1058,12 @@ int mbedtls_ecjpake_self_test( int verbose )
|
||||
if( verbose != 0 )
|
||||
mbedtls_printf( "passed\n" );
|
||||
|
||||
#if !defined(MBEDTLS_ECJPAKE_ALT)
|
||||
/* 'reference handshake' tests can only be run against implementations
|
||||
* for which we have 100% control over how the random ephemeral keys
|
||||
* are generated. This is only the case for the internal mbed TLS
|
||||
* implementation, so these tests are skipped in case the internal
|
||||
* implementation is swapped out for an alternative one. */
|
||||
if( verbose != 0 )
|
||||
mbedtls_printf( " ECJPAKE test #2 (reference handshake): " );
|
||||
|
||||
@ -1112,6 +1112,7 @@ int mbedtls_ecjpake_self_test( int verbose )
|
||||
|
||||
if( verbose != 0 )
|
||||
mbedtls_printf( "passed\n" );
|
||||
#endif /* ! MBEDTLS_ECJPAKE_ALT */
|
||||
|
||||
cleanup:
|
||||
mbedtls_ecjpake_free( &cli );
|
||||
|
Reference in New Issue
Block a user